CASE STUDY | SNAP FINANCE

Snap Finance Automates Bot Defense and Fraud Detection with Cequence Bot Management

Download Case Study
“With Cequence, we no longer have to worry about malicious or suspicious traffic reaching our applications.”
Gaurav Kohli
CTO, Snap Finance

A Leading Provider of Consumer Lease and Loan Solutions

Snap Finance provides a suite of very popular lease-to-own (LTO) and installment loan options for millions of consumers. The company serves a two-sided marketplace ─ with consumers on one side, merchants on the other. Snap Finance provides a high degree of customer engagement, a flexible consumer product line, as well as an optional virtual card. Its risk-based machine learning models allow for very fast decisions, simplifying the purchase process for consumers as well as the retail organizations they frequent.

IT and Business Challenges

Snap Finance is a cloud-forward organization. The company’s IT team manages some on-premises infrastructure at the company’s headquarters in Salt Lake City, UT, and a secondary center in Costa Rica, but all internet and business-facing applications are now in the cloud.
Gaurav Kohli, Snap Finance’s CTO, is responsible for managing all digital properties across both physical sites and in the cloud, with an emphasis on security and scalability. “We have several thousand API endpoints,” Kohli explained. “Not only do we serve our consumers through our own digital properties, we also have direct integrations with marketplaces and other large merchants that interact directly with our APIs. Making sure all of this data is secure is no easy task.”
Maria Ng is the company’s CISO. When she joined Snap Finance in 2022, her mandate was to optimize the company’s digital properties, using API-first approaches. She is now responsible for protecting all of Snap Finance’s corporate, customer, and merchant data. She also manages the company’s privacy, governance, risk and compliance, and cyber security programs. “Our strategy is to be omnichannel,” she explained. “We want to meet the customers wherever they are—whether that’s Android, iOS, desktop, or browsers. We recently launched our new mobile app and it has already surpassed 500,000 downloads with a 4.9 rating. This is why protecting our APIs is so important to us.”
Before moving to Cequence, Snap Finance used a collection of disparate fraud protection technologies. The company’s security team was able to identify and block many potential threats with those solutions, but they were unable to perform bot management in an easy and effective manner
Snap Finance started looking for an automated bot management solution two years ago. “We needed to find a partner with a broad understanding of the API and security space,” said Kohli. “We also wanted to work with a vendor that provided a managed service, rather than having to employ more security personnel to cover all of these necessary functions.”
Challenges
Wanted to improve and automate bot management
Solution
Cequence Bot Management
Benefits
Icon

Enhanced API security with better defense at the perimeter

Icon

Effective bot management reduced the number of reportable threats to zero

Icon

Eliminated the need to hire two full-time security professionals

“I don’t think there are any other bot protection solutions in the market today that can compete with what Cequence is offering. None of them have a story that’s as compelling or a solution as robust as the Cequence Unified API Protection platform.”
Gaurav Kohli
CTO, Snap Finance

Choosing Cequence Bot Management

Snap Finance chose Cequence after evaluating several potential bot management vendors. A module of the Cequence Unified API Protection platform, Cequence Bot Management was first deployed to protect Snap Finance’s consumer application portal – the platform consumers use to see if they are qualified, and where returning customers can log in and apply for new loans or leases.
“We haven’t found another bot protection solution in the market today that can compete with what Cequence is offering,” admitted Kohli. “None of them have a story that’s as compelling or a solution as robust as the Cequence Unified API Protection platform.”
The Cequence bot management and fraud prevention solution
protects an organization’s web, mobile, and API applications from the full range of bot attacks to prevent data loss, theft, and fraud. Powered by an ML-based analytics engine that determines in real time if application and API transactions are malicious or legitimate, Cequence Bot Management natively mitigates attacks and eliminates harmful business impacts such as downtime, brand damage, skewed sales analytics, and increased infrastructure costs. Bot Management is available standalone or as part of the Cequence Unified API Protection platform.
“The Cequence managed service gives us much more breathing room. By taking care of bot management for us, we can focus on other strategic IT projects.”
Maria Ng
CISO, Snap Finance

Improved API Security Posture with Defense at the Perimeter

“In terms of bot protection, my philosophy is to ‘keep the fight outside my lawn’,” explained Ng. “I don’t want to have any interactions with threat actors on my edge — I want to push that perimeter out as far as I can. Cequence is able to intercept bad traffic from threat actors outside of our perimeter. With this capability, our threat posture has been significantly improved.”
Automating Bot Management
“The Cequence managed service has definitely reduced the number of things our security team needs to pay attention to,” noted Ng. “Cequence provides consistent, detailed reports on what threats were received, how much traffic was blocked, which threats were automatically mitigated, the ones advanced to manual review, and any threats we were notified on. The Cequence managed service gives us much more breathing room. By taking care of bot management for us, we can now focus on other strategic IT projects.”
Reducing the Number of Reportable Breaches to Zero
One of Ng’s responsibilities as CISO is to provide regular security updates to the company’s board of directors. “I inform them of any reportable breaches and attempted attacks,” said Ng. “At our last meeting, I was happy to inform them that we’ve had no reportable breaches since deploying Cequence.”
“When I first joined Snap Finance, there were some bad actors trying to use our applications to obtain confidential information,” Ng shared. “Fortunately, we were able to use Cequence to mitigate that attack, avoiding any availability or data loss issues.”
Benefits
Icon

No CAPTCHA Needed Network-based approach requires no agents, JavaScript, or SDK integration

Icon

Native Mitigation Attack identification and blocking without relying on third-party infrastructure such as WAFs

Icon

Rapid Time to Value Deploys quickly and is immediately effective

Icon

Flexible Deployment Model Supports on-premises, SaaS, or hybrid deployments

Icon

Fraud Prevention Customizable, granular policies for organization-specific use cases

Reducing IT Expenses
Cequence is also enabling Snap Finance to reduce IT time and expense. “If we didn’t have the Cequence managed service, we would have to hire two full-time security professionals, in addition to purchasing and deploying another solution that would enable us to perform bot management by ourselves,” Kohli said.
Recommending Cequence to Others
When asked if he would recommend Cequence to other companies, Kohli replied, “Yes, absolutely. We have a very strong partnership with Cequence—they were right there with us all along the way. Our Cequence account rep meets with us regularly to discuss our deployment and listen to any suggestions we might have for future product enhancements. Unlike other partners or vendors, our relationship with Cequence did not end after we signed the sales agreement. They really care about our ongoing success with bot management. With Cequence, we worry less about malicious or suspicious traffic reaching our applications.”
About Snap Finance
Snap Finance harnesses the power of data to empower consumers of all credit types to get what they need. Launched in 2012, Snap’s technology utilizes more than a decade of data, machine learning, and non-traditional risk variables to create a proprietary platform that looks at each customer through a more holistic, human lens. Snap’s flexible solutions are changing the face and pace of consumer retail finance. For more information, visit snapfinance.com.

Find out how Cequence can help your organization.

Cequence Security application and API protection experts will show you how we can help you improve your security posture with a personalized demo. Nothing to deploy. All we need is your email.
Get Started Now